From 662d94e958badf6285130ee0c8b93cb276a51329 Mon Sep 17 00:00:00 2001
From: erwanlr <erwan.lr@gmail.com>
Date: Wed, 17 Apr 2013 15:40:09 +0200
Subject: [PATCH] Complexity reduced

---
 lib/common/collections/wp_items/detectable.rb | 22 ++++++--
 lib/common/models/wp_user/brute_forcable.rb   | 50 +++++++++----------
 2 files changed, 43 insertions(+), 29 deletions(-)

diff --git a/lib/common/collections/wp_items/detectable.rb b/lib/common/collections/wp_items/detectable.rb
index 5ec84dd7..0cf84062 100755
--- a/lib/common/collections/wp_items/detectable.rb
+++ b/lib/common/collections/wp_items/detectable.rb
@@ -17,15 +17,12 @@ class WpItems < Array
       browser          = Browser.instance
       hydra            = browser.hydra
       targets          = targets_items(wp_target, options)
+      progress_bar     = progress_bar(targets.size, options)
       exist_options    = {
         error_404_hash:  wp_target.error_404_hash,
         homepage_hash:   wp_target.homepage_hash,
         exclude_content: options[:exclude_content] ? %r{#{options[:exclude_content]}} : nil
       }
-      progress_bar     = ProgressBar.create(format: '%t %a <%B> (%c / %C) %P%% %e',
-                                            title: '  ', # Used to craete a left margin
-                                            length: 120,
-                                            total: targets.size) if options[:show_progression]
 
       # If we only want the vulnerable ones, the passive detection is ignored
       # Otherwise, a passive detection is performed, and results will be merged
@@ -58,6 +55,23 @@ class WpItems < Array
       results # can't just return results.sort because the #sort returns an array, and we want a WpItems
     end
 
+    # @param [ Integer ] targets_size
+    # @param [ Hash ] options
+    #
+    # @return [ ProgressBar ]
+    # :nocov:
+    def progress_bar(targets_size, options)
+      if options[:show_progression]
+        ProgressBar.create(
+          format: '%t %a <%B> (%c / %C) %P%% %e',
+          title: '  ', # Used to craete a left margin
+          length: 120,
+          total: targets_size
+        )
+      end
+    end
+    # :nocov:
+
     # @param [ WpTarget ] wp_target
     # @param [ Hash ] options
     #
diff --git a/lib/common/models/wp_user/brute_forcable.rb b/lib/common/models/wp_user/brute_forcable.rb
index a98b4345..d9ffe61d 100644
--- a/lib/common/models/wp_user/brute_forcable.rb
+++ b/lib/common/models/wp_user/brute_forcable.rb
@@ -25,7 +25,7 @@ class WpUser < WpItem
       passwords    = BruteForcable.passwords_from_wordlist(wordlist)
       queue_count  = 0
       found        = false
-      progress_bar = self.progress_bar(passwords.size) if options[:show_progression]
+      progress_bar = self.progress_bar(passwords.size, options)
 
       passwords.each do |password|
         request = login_request(password)
@@ -56,17 +56,20 @@ class WpUser < WpItem
       hydra.run
     end
 
-    # @param [ Integer ] password_size
+    # @param [ Integer ] targets_size
+    # @param [ Hash ] options
     #
     # @return [ ProgressBar ]
     # :nocov:
-    def progress_bar(passwords_size)
-      ProgressBar.create(
-        format: '%t %a <%B> (%c / %C) %P%% %e',
-        title: "  Brute Forcing '#{login}'",
-        length: 120,
-        total: passwords_size
-      )
+    def progress_bar(passwords_size, options)
+      if options[:show_progression]
+        ProgressBar.create(
+          format: '%t %a <%B> (%c / %C) %P%% %e',
+          title: "  Brute Forcing '#{login}'",
+          length: 120,
+          total: passwords_size
+        )
+      end
     end
     # :nocov:
 
@@ -90,28 +93,25 @@ class WpUser < WpItem
     # @return [ Boolean ]
     def valid_password?(response, password, options = {})
       if response.code == 302
-        puts "\n  " + green('[SUCCESS]') + " Login : #{login} Password : #{password}\n\n" if options[:show_progression]
-        return true
+        progression = "#{green('[SUCCESS]')} Login : #{login} Password : #{password}\n\n"
+        valid       = true
       elsif response.body =~ /login_error/i
-        puts "\n  Incorrect login and/or password." if options[:verbose]
+        verbose = "\n  Incorrect login and/or password."
       elsif response.timed_out?
-        puts "\n  " + red('ERROR:') + ' Request timed out.' if options[:show_progression]
+        progression = "#{red('ERROR:')} Request timed out."
       elsif response.code == 0
-        puts "\n  " + red('ERROR:') + ' No response from remote server. WAF/IPS?' if options[:show_progression]
+        progression = "#{red('ERROR:')} No response from remote server. WAF/IPS?"
       elsif response.code.to_s =~ /^50/
-        puts "\n  " + red('ERROR:') + ' Server error, try reducing the number of threads.' if options[:show_progression]
+        progression = "#{red('ERROR:')} Server error, try reducing the number of threads."
       else
-        puts "\n  " + red('ERROR:') + " We received an unknown response for #{password}..." if options[:show_progression]
-
-        # :nocov:
-        if options[:verbose]
-          puts red("    Code: #{response.code}")
-          puts red("    Body: #{response.body}")
-          puts
-        end
-        # :nocov:
+        progression = "#{red('ERROR:')} We received an unknown response for #{password}..."
+        verbose     = red("    Code: #{response.code}\n    Body: #{response.body}\n")
       end
-      false
+
+      puts "\n  " + progression if progression && options[:show_progression]
+      puts verbose if verbose && options[:verbose]
+
+      valid || false
     end
 
     # Load the passwords from the wordlist, which can be a file path or